Nginx企业级使用1(运维笔记)

Nginx企业级使用1(运维笔记)

重装和升级

信号参数

Kill 选项参数  pid
##关闭nginx
##快速关闭
kill -INT pid
##优雅关闭
kill -QUIT pid


##############实操##############
[root@server01 ~]# ps -ef|grep nginx
root       1668      1  0 11:09 ?        00:00:00 nginx: master process /usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf
www        1820   1668  0 11:49 ?        00:00:00 nginx: worker process               
root       1896   1839  0 12:14 pts/0    00:00:00 grep --color nginx
[root@server01 ~]# kill -TERM 1668 #快速关闭 作用于master
[root@server01 ~]# ps -ef|grep nginx
root       1898   1839  0 12:15 pts/0    00:00:00 grep --color nginx
[root@server01 ~]# service nginx start
正在启动 nginx:                                           [确定]
[root@server01 ~]# ps -ef|grep nginx
root       1951      1  0 12:15 ?        00:00:00 nginx: master process /usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf
www        1953   1951  0 12:15 ?        00:00:00 nginx: worker process               
root       1955   1839  0 12:15 pts/0    00:00:00 grep --color nginx
[root@server01 ~]# kill -INT 1953 #快速退出
[root@server01 ~]# ps -ef|grep nginx
root       1951      1  0 12:15 ?        00:00:00 nginx: master process /usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf
www        1956   1951  0 12:16 ?        00:00:00 nginx: worker process               
root       1958   1839  0 12:16 pts/0    00:00:00 grep --color nginx
[root@server01 ~]# kill -QUIT 1951 #优雅关闭
[root@server01 ~]# ps -ef|grep nginx
root       1960   1839  0 12:17 pts/0    00:00:00 grep --color nginx

重新安装

  • 停止服务,删除编译安装软件包和源码包

  • 重新解压编译安装即可

  • 如有需要,备份配置文件和网站目录里的资源文件

平滑升级

  • 升级软件版本,需要启动新版本,无法启动(端口占用)

  • 旧版本不先停,新的又可以运行

  • 新旧版本同时提供服务,旧的请求完成后,停掉旧进程

  • -USR2平滑启动一个进程(平滑升级)-WINCH优雅关闭子进程 -QUIT优雅关闭主进程

上传新版本

[root@server01 ~]# ps -ef|grep nginx #旧版本启动
root       2027      1  0 12:31 ?        00:00:00 nginx: master process /usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf
www        2029   2027  0 12:31 ?        00:00:00 nginx: worker process               
root       2034   1839  0 12:31 pts/0    00:00:00 grep --color nginx
[root@server01 ~]# cd soft
[root@server01 soft]# ls
mysql-5.6.33         nginx-1.14.2         php-7.2.12
mysql-5.6.33.tar.gz  nginx-1.14.2.tar.gz  php-7.2.12.tar.gz
mysql_install.sh     nginx_install.sh     php_install.sh
[root@server01 soft]# ls #上传新版本nginx1.16.0
mysql-5.6.33         nginx-1.14.2         nginx_install.sh   php_install.sh
mysql-5.6.33.tar.gz  nginx-1.14.2.tar.gz  php-7.2.12
mysql_install.sh     nginx-1.16.0.tar.gz  php-7.2.12.tar.gz

#解压 配置 编译 安装
tar xvf nginx-1.16.0.tar.gz
cd nginx-1.16.0
./configure  --prefix=/usr/local/nginx --user=www --group=www --with-http_ssl_module --with-http_stub_status_module --with-http_realip_module
make install
#(执行完之后也可以直接执行make upgrade 不需要一步一步执行下方命令)

#上述操作完成 ,旧版本备份为nginx.old
[root@server01 nginx-1.16.0]# cd /usr/local/nginx/
[root@server01 nginx]# ls
client_body_temp  fastcgi_temp  logs        sbin       uwsgi_temp
conf              html          proxy_temp  scgi_temp
[root@server01 nginx]# cd sbin/
[root@server01 sbin]# ls
nginx  nginx.old  

[root@server01 sbin]# ./nginx -v
nginx version: nginx/1.16.0
[root@server01 sbin]# ./nginx.old -v
nginx version: nginx/1.14.2

#新旧版本同时进行
[root@server01 sbin]# ps -ef |grep nginx
root       2027      1  0 12:31 ?        00:00:00 nginx: master process /usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf
www        2029   2027  0 12:31 ?        00:00:00 nginx: worker process                          
root       4666   1839  0 12:40 pts/0    00:00:00 grep --color nginx
[root@server01 sbin]# kill -USR2 2027
[root@server01 sbin]# ps -ef |grep nginx
root       2027      1  0 12:31 ?        00:00:00 nginx: master process /usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf
www        2029   2027  0 12:31 ?        00:00:00 nginx: worker process                          
root       4667   2027  0 12:41 ?        00:00:00 nginx: master process /usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf
www        4668   4667  0 12:41 ?        00:00:00 nginx: worker process                          
root       4670   1839  0 12:41 pts/0    00:00:00 grep --color nginx

[root@server01 sbin]# kill -WINCH 2029 #杀死旧子进程
[root@server01 sbin]# ps -ef |grep nginx
root       2027      1  0 12:31 ?        00:00:00 nginx: master process /usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf
root       4667   2027  0 12:41 ?        00:00:00 nginx: master process /usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf
www        4668   4667  0 12:41 ?        00:00:00 nginx: worker process                          
www        4671   2027  0 12:42 ?        00:00:00 nginx: worker process                          
root       4673   1839  0 12:42 pts/0    00:00:00 grep --color nginx
[root@server01 sbin]# kill -QUIT 2027 #一键杀死旧进程
[root@server01 sbin]# ps -ef |grep nginx
root       4667      1  0 12:41 ?        00:00:00 nginx: master process /usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf
www        4668   4667  0 12:41 ?        00:00:00 nginx: worker process                          
root       4675   1839  0 12:43 pts/0    00:00:00 grep --color nginx

配置文件

[root@server01 ~]# cd /usr/local/nginx/
[root@server01 nginx]# ls
client_body_temp  conf  fastcgi_temp  html  logs  proxy_temp  sbin  scgi_temp  uwsgi_temp
[root@server01 nginx]# cd conf 
[root@server01 conf]# cat nginx.conf #查看配置文件

#user  nobody;     #nginx启动用户
worker_processes  1;  #子进程数量 一般为cpu核数或者倍数
#错误日志定义
#error_log  logs/error.log;    
#error_log  logs/error.log  notice;
#error_log  logs/error.log  info;

#pid        logs/nginx.pid;


events {
  #每个子进程的连接数  nginx当前并发量  worker_processes * worker_connections
    worker_connections  1024;
}

#http协议段
http {
    #引入  文件扩展名和与文件类型映射表
    include       mime.types;
    #默认文件类型 
    default_type  application/octet-stream;
    #访问日志access.log的格式
    #log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
    #                  '$status $body_bytes_sent "$http_referer" '
    #                  '"$http_user_agent" "$http_x_forwarded_for"';

    #access_log  logs/access.log  main;
    #linux内核  提供文件读写的机制
    sendfile        on;
    #tcp_nopush     on;

    #keepalive_timeout  0;
    #长连接超时时间  单位为s
    keepalive_timeout  65;

    #gzip  on;

    server {
    #监听端口
        listen       80;
         #域名  可以有多个 用空格分隔
        server_name  localhost;

        #charset koi8-r;

        #access_log  logs/host.access.log  main;
        root html;

        location / {
           #默认访问的网站路径
           # root   html;
           #默认访问页面 从前往后的顺序查找 
            index  index.html index.htm;
        }

        #error_page  404              /404.html;

        # redirect server error pages to the static page /50x.html
        #
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }

        # proxy the PHP scripts to Apache listening on 127.0.0.1:80
        #
        #location ~ \.php$ {
        #    proxy_pass   http://127.0.0.1;
        #}

        # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
        #
        location ~ \.php$ {
        #    root           html;
            fastcgi_pass   127.0.0.1:9000;
            fastcgi_index  index.php;
            fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
            include        fastcgi_params;
        }

        # deny access to .htaccess files, if Apache's document root
        # concurs with nginx's one
        #
        #location ~ /\.ht {
        #    deny  all;
        #}
    }


    # another virtual host using mix of IP-, name-, and port-based configuration
    #
    #server {
    #    listen       8000;
    #    listen       somename:8080;
    #    server_name  somename  alias  another.alias;

    #    location / {
    #        root   html;
    #        index  index.html index.htm;
    #    }
    #}


    # HTTPS server
    #
    #server {
    #    listen       443 ssl;
    #    server_name  localhost;

    #    ssl_certificate      cert.pem;
    #    ssl_certificate_key  cert.key;

    #    ssl_session_cache    shared:SSL:1m;
    #    ssl_session_timeout  5m;

    #    ssl_ciphers  HIGH:!aNULL:!MD5;
    #    ssl_prefer_server_ciphers  on;

    #    location / {
    #        root   html;
    #        index  index.html index.htm;
    #    }
    #}

}
递进关系 http > server > location

自定义一个错误页面

[root@server01 ~]# cd /usr/local/nginx/
[root@server01 nginx]# ls
client_body_temp  conf  fastcgi_temp  html  logs  proxy_temp  sbin  scgi_temp  uwsgi_temp
[root@server01 nginx]# cd html
[root@server01 html]# ls
50x.html  index.html  index.php
[root@server01 html]# vim 404.html
[root@server01 html]# cat 404.html
oh! 404         

#编辑配置文件
[root@server01 html]# cd ..
[root@server01 nginx]# cd conf/
[root@server01 conf]# vim nginx.conf

#在server里添加或者去掉注释 
 error_page  404              /404.html;

访问不存在的页面就会出现此页面

企业常见配置

基于域名的虚拟主机配置

[root@server01 conf]# ls
fastcgi.conf            koi-utf             nginx.conf           uwsgi_params
fastcgi.conf.default    koi-win             nginx.conf.default   uwsgi_params.default
fastcgi_params          mime.types          scgi_params          win-utf
fastcgi_params.default  mime.types.default  scgi_params.default
[root@server01 conf]# vim nginx.conf  



#文件添加
 server{
       listen 80;#监听端口
       server_name shop.lnmp.com;#域名
       root html/tp5shop; #寻找路径
       index index.html;


      }


#重启服务
[root@server01 conf]# service nginx reload
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
重新载入 nginx:                                           [确定]
[root@server01 conf]# cd ..
[root@server01 nginx]# cd html/
[root@server01 html]# ls
404.html  50x.html  index.html  index.php
[root@server01 html]# mkdir tp5shop #创建配置目录
[root@server01 html]# cd tp5shop/
[root@server01 tp5shop]# vim index.html#新建index.html
[root@server01 tp5shop]# cat index.html
shop.lnmp.com



#使用windows访问 解析域名
PS C:\WINDOWS\system32\drivers\etc> tree /f
卷 系统 的文件夹 PATH 列表
卷序列号为 09C1-B27D
C:.
    hosts
    hosts.ics
    lmhosts.sam
    networks
    protocol
    services

没有子文件夹

#编辑hosts文件添加
#你自己的ip地址  域名
192.168.126.139 shop.lnmp.com


#查看连通性

PS C:\Users\Rkun18> ping shop.lnmp.com

正在 Ping shop.lnmp.com [192.168.126.139] 具有 32 字节的数据:
来自 192.168.126.139 的回复: 字节=32 时间<1ms TTL=64
来自 192.168.126.139 的回复: 字节=32 时间<1ms TTL=64
来自 192.168.126.139 的回复: 字节=32 时间=1ms TTL=64
来自 192.168.126.139 的回复: 字节=32 时间<1ms TTL=64

192.168.126.139 的 Ping 统计信息:
    数据包: 已发送 = 4,已接收 = 4,丢失 = 0 (0% 丢失),
往返行程的估计时间(以毫秒为单位):
    最短 = 0ms,最长 = 1ms,平均 = 0ms
#新建php文件
[root@server01 tp5shop]# pwd
/usr/local/nginx/html/tp5shop
[root@server01 tp5shop]# vim index.php
[root@server01 tp5shop]# cat index.php
<?php
echo 'shop site by php';




#不能解析php文件在nginx.conf里新建的server里编辑内容
 server{
      listen 80;
      server_name shop.lnmp.com;
      root html/tp5shop;
      index index.html;
      location ~ \.php$ {
        fastcgi_pass   127.0.0.1:9000;
        fastcgi_index  index.php;
        fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
        include        fastcgi_params;
        }


    }



#访问
http://shop.lnmp.com/index.php
#成功访问

基于端口的配置

[root@server01 ~]# vim /usr/local/nginx/conf/nginx.conf
#修改端口
server{
      listen 5210;
      server_name shop.lnmp.com;
      root html/tp5shop;
      index index.html;
      location ~ \.php$ {
        fastcgi_pass   127.0.0.1:9000;
        fastcgi_index  index.php;
        fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
        include        fastcgi_params;
        }


    }

#重载
[root@server01 ~]# service nginx reload
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
重新载入 nginx:    

#查看端口
[root@server01 ~]# netstat -nltp|grep nginx
tcp        0      0 0.0.0.0:80                  0.0.0.0:*                   LISTEN      1676/nginx
tcp        0      0 0.0.0.0:5210                0.0.0.0:*                   LISTEN      1676/nginx
#无法访问
http://shop.lnmp.com/index.php
#加端口5210
http://shop.lnmp.com:5210/index.php
成功访问!

基于IP访问

#临时绑定IP 
ifconfig eth0:1 192.168.126.140
#查看IP是否绑定成功
ip a


#######################实操#################
[root@server01 ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:19:47:98 brd ff:ff:ff:ff:ff:ff
    inet 192.168.126.139/24 brd 192.168.126.255 scope global eth0
    inet6 fe80::20c:29ff:fe19:4798/64 scope link
       valid_lft forever preferred_lft forever
[root@server01 ~]# ifconfig eth0:1 192.168.126.140
[root@server01 ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:19:47:98 brd ff:ff:ff:ff:ff:ff
    inet 192.168.126.139/24 brd 192.168.126.255 scope global eth0
    inet 192.168.126.140/24 brd 192.168.126.255 scope global secondary eth0:1
    inet6 fe80::20c:29ff:fe19:4798/64 scope link
       valid_lft forever preferred_lft forever       




#在nginx配置文件里新建一个server
[root@server01 ~]# vim /usr/local/nginx/conf/nginx.conf

server {
    listen 80;
    server_name 192.168.126.140;
    root html/ip;

}

#建立测试目录
 cd /usr/local/nginx/html
 mkdir ip
 echo "ip site" >> index.html

#通过浏览器访问
http://192.168.126.140/

上线商城项目

#上传项目源代码 (随意位置)这里我使用MobaXterm 上传文件很方便
 cd /usr/local/nginx/html

[root@server01 ~]# cd /usr/local/nginx/html
[root@server01 html]# ls
404.html  index.html  ip       tp5shop.zip
50x.html  index.php   tp5shop  tpshop.sql
[root@server01 html]# mv tp5shop tp5shop_bak #把之前的目录删除或者做一个备份
[root@server01 html]# ls
404.html  index.html  ip           tp5shop.zip
50x.html  index.php   tp5shop_bak  tpshop.sql

#把项目压缩包解压
 unzip tp5shop.zip


#解压后
[root@server01 html]# ls
404.html  index.html  ip       tp5shop_bak  tpshop.sql
50x.html  index.php   tp5shop  tp5shop.zip
[root@server01 html]# cd tp5shop
[root@server01 tp5shop]# ls
application  composer.json  extend       public     runtime  thinkphp
build.php    composer.lock  LICENSE.txt  README.md  think    vendor 


#设置基本信息
 vim /usr/local/nginx/conf/nginx.conf

#在配置文件中配置server虚拟主机段
 server {
        listen 80;
        server_name shop.lnmp.com;
        #tp5shop商城项目基于thinkphp5框架开发,需要绑定默认网站目录为public
        root html/tp5shop/public;
        index  index.html;
        location ~ \.php$ {
        #    root           html;
            fastcgi_pass   127.0.0.1:9000;
            fastcgi_index  index.php;
            fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
            include        fastcgi_params;
        }
}


#每次配置完记得重启配置
 service nginx reload

访问:http://shop.lnmp.com/

403 Forbidden

403 Forbidden


nginx/1.16.0

错误原因

  • 默认访问index.html 刚才配置public目录下没有该文件

  • 没有index.html就会列出目录结构 ,但没有权限列出

#设置基本信息
 vim /usr/local/nginx/conf/nginx.conf

#在配置文件中配置server虚拟主机段
 server {
        listen 80;
        server_name shop.lnmp.com;
        #tp5shop商城项目基于thinkphp5框架开发,需要绑定默认网站目录为public
        root html/tp5shop/public;
#默认index.php添加
        index index.php index.html;
        location ~ \.php$ {
        #    root           html;
            fastcgi_pass   127.0.0.1:9000;
            fastcgi_index  index.php;
            fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
            include        fastcgi_params;
        }
}


#重载配置

连接数据库导入数据

[root@server01 ~]# mysql -uroot -p
Enter password:
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 3
Server version: 5.6.33 Source distribution

Copyright (c) 2000, 2016, Oracle and/or its affiliates. All rights reserved.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
#当前数据库
mysql> show databases;
+--------------------+
| Database           |
+--------------------+
| information_schema |
| mysql              |
| performance_schema |
+--------------------+
3 rows in set (0.00 sec)     

#创建数据库
mysql > create database tp5shop;
#使用数据库
mysql > use tp5shop;
#通过sql文件导入恢复数据
mysql > source /usr/local/nginx/html/tpshop.sql



######################################################



#修改项目的连接数据库配置文件
vim /usr/local/nginx/html/tp5shop/application/database.php 


return [
    // 数据库类型
    'type'            => 'mysql',
    // 服务器地址
    'hostname'        => '127.0.0.1',
    // 数据库名
    'database'        => 'tp5shop',
    // 用户名
    'username'        => 'root',
    // 密码
    'password'        => '你自己设置的密码',
    // 端口
    'hostport'        => '3306',

访问shop.lnmp.com

遇到问题:项目需要在runtime文件夹中写入缓存信息(需要写权限)

  • nginx 读取静态文件 用户www

  • php-fpm 读取、写入、解析php文件 用户www

  • 把runtime目录的所属关系赋予www

 cd /usr/local/nginx/html/tp5shop
 chown -R www:www runtime/

 ####################################################################
 [root@server01 ~]#  cd /usr/local/nginx/html/tp5shop
[root@server01 tp5shop]# ls
application  composer.json  extend       public     runtime  thinkphp
build.php    composer.lock  LICENSE.txt  README.md  think    vendor
[root@server01 tp5shop]# ll
总用量 68
drwxr-xr-x 5 root root  4096 420 18:43 application
-rw-r--r-- 1 root root  1124 42 2018 build.php
-rw-r--r-- 1 root root  1051 42 2018 composer.json
-rw-r--r-- 1 root root 18657 42 2018 composer.lock
drwxr-xr-x 2 root root  4096 57 2018 extend
-rw-r--r-- 1 root root  1854 42 2018 LICENSE.txt
drwxr-xr-x 7 root root  4096 57 2018 public
-rw-r--r-- 1 root root  5904 42 2018 README.md
drwxr-xr-x 5 root root  4096 57 2018 runtime
-rw-r--r-- 1 root root   770 42 2018 think
drwxr-xr-x 5 root root  4096 57 2018 thinkphp
drwxr-xr-x 7 root root  4096 57 2018 vendor
[root@server01 tp5shop]# chown -R www:www runtime/
[root@server01 tp5shop]# ll
总用量 68
drwxr-xr-x 5 root root  4096 420 18:43 application
-rw-r--r-- 1 root root  1124 42 2018 build.php
-rw-r--r-- 1 root root  1051 42 2018 composer.json
-rw-r--r-- 1 root root 18657 42 2018 composer.lock
drwxr-xr-x 2 root root  4096 57 2018 extend
-rw-r--r-- 1 root root  1854 42 2018 LICENSE.txt
drwxr-xr-x 7 root root  4096 57 2018 public
-rw-r--r-- 1 root root  5904 42 2018 README.md
drwxr-xr-x 5 www  www   4096 57 2018 runtime
-rw-r--r-- 1 root root   770 42 2018 think

访问shop.lnmp.com

Nginx企业级使用1(运维笔记)_第1张图片
基本部署完成

你可能感兴趣的:(运维,运维,nginx,笔记)